From 456b32ba4f85000d168230b8cc5f58571699ed63 Mon Sep 17 00:00:00 2001 From: Tomas Mraz Date: Fri, 10 Nov 2023 17:28:16 +0100 Subject: [PATCH] Rearrange some CI jobs Those less useful should be in daily or on-push runs. Those more likely triggering CI failure that do not take too much time should be in main on pull request CI. Reviewed-by: Paul Dale Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/22693) --- .github/workflows/ci.yml | 146 --------------- .github/workflows/run-checker-ci.yml | 4 +- .github/workflows/run-checker-daily-sctp.yml | 53 ------ .github/workflows/run-checker-daily.yml | 186 ++++++++++++++++++- .github/workflows/run-checker-merge.yml | 3 +- 5 files changed, 189 insertions(+), 203 deletions(-) delete mode 100644 .github/workflows/run-checker-daily-sctp.yml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 72c0167b85..6df7010875 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -293,117 +293,6 @@ jobs: - name: make test run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} - enable_brotli_dynamic: - runs-on: ubuntu-latest - steps: - - name: install brotli - run: | - sudo apt-get update - sudo apt-get -yq --no-install-suggests --no-install-recommends --force-yes install brotli libbrotli1 libbrotli-dev - - name: checkout openssl - uses: actions/checkout@v4 - - name: checkout fuzz/corpora submodule - run: git submodule update --init --depth 1 fuzz/corpora - - name: config - run: ./config enable-comp enable-brotli enable-brotli-dynamic && perl configdata.pm --dump - - name: make - run: make -s -j4 - - name: get cpu info - run: | - cat /proc/cpuinfo - ./util/opensslwrap.sh version -c - - name: make test - run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} - - enable_zstd_dynamic: - runs-on: ubuntu-latest - steps: - - name: install zstd - run: | - sudo apt-get update - sudo apt-get -yq --no-install-suggests --no-install-recommends --force-yes install zstd libzstd1 libzstd-dev - - name: checkout openssl - uses: actions/checkout@v4 - - name: checkout fuzz/corpora submodule - run: git submodule update --init --depth 1 fuzz/corpora - - name: config - run: ./config enable-comp enable-zstd enable-zstd-dynamic && perl configdata.pm --dump - - name: make - run: make -s -j4 - - name: get cpu info - run: | - cat /proc/cpuinfo - ./util/opensslwrap.sh version -c - - name: make test - run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} - - enable_brotli_and_zstd_dynamic: - runs-on: ubuntu-latest - steps: - - name: install brotli and zstd - run: | - sudo apt-get update - sudo apt-get -yq --no-install-suggests --no-install-recommends --force-yes install brotli libbrotli1 libbrotli-dev - sudo apt-get -yq --no-install-suggests --no-install-recommends --force-yes install zstd libzstd1 libzstd-dev - - name: checkout openssl - uses: actions/checkout@v4 - - name: checkout fuzz/corpora submodule - run: git submodule update --init --depth 1 fuzz/corpora - - name: config - run: ./config enable-comp enable-brotli enable-brotli-dynamic enable-zstd enable-zstd-dynamic && perl configdata.pm --dump - - name: make - run: make -s -j4 - - name: get cpu info - run: | - cat /proc/cpuinfo - ./util/opensslwrap.sh version -c - - name: make test - run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} - - enable_brotli_and_asan_ubsan: - runs-on: ubuntu-latest - steps: - - name: install brotli - run: | - sudo apt-get update - sudo apt-get -yq --no-install-suggests --no-install-recommends --force-yes install brotli libbrotli1 libbrotli-dev - - name: checkout openssl - uses: actions/checkout@v4 - - name: checkout fuzz/corpora submodule - run: git submodule update --init --depth 1 fuzz/corpora - - name: config - run: ./config --banner=Configured --debug enable-asan enable-ubsan enable-comp enable-brotli -DPEDANTIC && perl configdata.pm --dump - - name: make - run: make -s -j4 - - name: get cpu info - run: | - cat /proc/cpuinfo - ./util/opensslwrap.sh version -c - - name: make test - run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} OPENSSL_TEST_RAND_ORDER=0 - - enable_zstd_and_asan_ubsan: - runs-on: ubuntu-latest - steps: - - name: install zstd - run: | - sudo apt-get update - sudo apt-get -yq --no-install-suggests --no-install-recommends --force-yes install zstd libzstd1 libzstd-dev - - name: checkout openssl - uses: actions/checkout@v4 - - name: checkout fuzz/corpora submodule - run: git submodule update --init --depth 1 fuzz/corpora - - name: config - run: ./config --banner=Configured --debug enable-asan enable-ubsan enable-comp enable-zstd -DPEDANTIC && perl configdata.pm --dump - - name: make - run: make -s -j4 - - name: get cpu info - run: | - cat /proc/cpuinfo - ./util/opensslwrap.sh version -c - - name: make test - run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} OPENSSL_TEST_RAND_ORDER=0 - no-legacy: runs-on: ubuntu-latest steps: @@ -438,41 +327,6 @@ jobs: - name: make test run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} - enable-tfo: - strategy: - matrix: - os: [ ubuntu-latest, macos-latest ] - runs-on: ${{matrix.os}} - steps: - - uses: actions/checkout@v4 - - name: checkout fuzz/corpora submodule - run: git submodule update --init --depth 1 fuzz/corpora - - name: config - run: CC=gcc ./config --banner=Configured enable-tfo --strict-warnings && perl configdata.pm --dump - - name: make - run: make -s -j4 - - name: get cpu info - run: ./util/opensslwrap.sh version -c - - name: make test - run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} - - buildtest: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - name: checkout fuzz/corpora submodule - run: git submodule update --init --depth 1 fuzz/corpora - - name: config - run: ./config --banner=Configured no-asm no-makedepend enable-buildtest-c++ enable-fips --strict-warnings -D_DEFAULT_SOURCE && perl configdata.pm --dump - - name: make - run: make -s -j4 - - name: get cpu info - run: | - cat /proc/cpuinfo - ./util/opensslwrap.sh version -c - - name: make test - run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} - out-of-source-and-install: strategy: matrix: diff --git a/.github/workflows/run-checker-ci.yml b/.github/workflows/run-checker-ci.yml index 0c961f8ef1..bcd90cd978 100644 --- a/.github/workflows/run-checker-ci.yml +++ b/.github/workflows/run-checker-ci.yml @@ -23,12 +23,12 @@ jobs: no-dh, no-dtls, no-ec, - no-ec2m, no-ecx, no-http, no-legacy, no-sock, enable-ssl-trace, + no-stdio, no-threads, no-thread-pool, no-default-thread-pool, @@ -53,7 +53,7 @@ jobs: - name: get cpu info run: | cat /proc/cpuinfo - ./util/opensslwrap.sh version -c + if [ -x apps/openssl ] ; then ./util/opensslwrap.sh version -c ; fi - name: Check platform symbol usage run: ./util/checkplatformsyms.pl ./util/platform_symbols/unix-symbols.txt ./libcrypto.so ./libssl.so - name: make test diff --git a/.github/workflows/run-checker-daily-sctp.yml b/.github/workflows/run-checker-daily-sctp.yml deleted file mode 100644 index ba9a5178f0..0000000000 --- a/.github/workflows/run-checker-daily-sctp.yml +++ /dev/null @@ -1,53 +0,0 @@ -# Copyright 2022-2023 The OpenSSL Project Authors. All Rights Reserved. -# -# Licensed under the Apache License 2.0 (the "License"). You may not use -# this file except in compliance with the License. You can obtain a copy -# in the file LICENSE in the source distribution or at -# https://www.openssl.org/source/license.html - -name: Run-checker CI daily sctp -on: - schedule: - - cron: '0 6 * * *' -permissions: - contents: read - -jobs: - run-checker: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - name: checkout fuzz/corpora submodule - run: git submodule update --init --depth 1 fuzz/corpora - - name: Install Dependencies for sctp option - run: | - sudo apt-get update - sudo apt-get -yq install lksctp-tools libsctp-dev - - - name: Check SCTP and enable auth - id: sctp_auth - continue-on-error: true - run: | - checksctp - sudo sysctl -w net.sctp.auth_enable=1 - - - name: config - if: steps.sctp_auth.outcome == 'success' && steps.sctp_auth.conclusion == 'success' - run: CC=clang ./config --banner=Configured --strict-warnings enable-sctp - - - name: config dump - if: steps.sctp_auth.outcome == 'success' && steps.sctp_auth.conclusion == 'success' - run: ./configdata.pm --dump - - - name: make - if: steps.sctp_auth.outcome == 'success' && steps.sctp_auth.conclusion == 'success' - run: make -s -j4 - - - name: get cpu info - run: | - cat /proc/cpuinfo - ./util/opensslwrap.sh version -c - - - name: make test - if: steps.sctp_auth.outcome == 'success' && steps.sctp_auth.conclusion == 'success' - run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} diff --git a/.github/workflows/run-checker-daily.yml b/.github/workflows/run-checker-daily.yml index 0dbbac285f..157746f39f 100644 --- a/.github/workflows/run-checker-daily.yml +++ b/.github/workflows/run-checker-daily.yml @@ -112,7 +112,6 @@ jobs: no-ssl3-method, no-ssl-trace, no-static-engine no-shared, - no-stdio, no-tests, enable-tfo, no-tls1, @@ -150,3 +149,188 @@ jobs: if [ -x apps/openssl ] ; then ./util/opensslwrap.sh version -c ; fi - name: make test run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} + + run-checker-sctp: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: checkout fuzz/corpora submodule + run: git submodule update --init --depth 1 fuzz/corpora + - name: Install Dependencies for sctp option + run: | + sudo apt-get update + sudo apt-get -yq install lksctp-tools libsctp-dev + + - name: Check SCTP and enable auth + id: sctp_auth + continue-on-error: true + run: | + checksctp + sudo sysctl -w net.sctp.auth_enable=1 + + - name: config + if: steps.sctp_auth.outcome == 'success' && steps.sctp_auth.conclusion == 'success' + run: CC=clang ./config --banner=Configured --strict-warnings enable-sctp + + - name: config dump + if: steps.sctp_auth.outcome == 'success' && steps.sctp_auth.conclusion == 'success' + run: ./configdata.pm --dump + + - name: make + if: steps.sctp_auth.outcome == 'success' && steps.sctp_auth.conclusion == 'success' + run: make -s -j4 + + - name: get cpu info + run: | + cat /proc/cpuinfo + ./util/opensslwrap.sh version -c + + - name: make test + if: steps.sctp_auth.outcome == 'success' && steps.sctp_auth.conclusion == 'success' + run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} + + enable_brotli_dynamic: + runs-on: ubuntu-latest + steps: + - name: install brotli + run: | + sudo apt-get update + sudo apt-get -yq --no-install-suggests --no-install-recommends --force-yes install brotli libbrotli1 libbrotli-dev + - name: checkout openssl + uses: actions/checkout@v4 + - name: checkout fuzz/corpora submodule + run: git submodule update --init --depth 1 fuzz/corpora + - name: config + run: ./config enable-comp enable-brotli enable-brotli-dynamic && perl configdata.pm --dump + - name: make + run: make -s -j4 + - name: get cpu info + run: | + cat /proc/cpuinfo + ./util/opensslwrap.sh version -c + - name: make test + run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} + + enable_zstd_dynamic: + runs-on: ubuntu-latest + steps: + - name: install zstd + run: | + sudo apt-get update + sudo apt-get -yq --no-install-suggests --no-install-recommends --force-yes install zstd libzstd1 libzstd-dev + - name: checkout openssl + uses: actions/checkout@v4 + - name: checkout fuzz/corpora submodule + run: git submodule update --init --depth 1 fuzz/corpora + - name: config + run: ./config enable-comp enable-zstd enable-zstd-dynamic && perl configdata.pm --dump + - name: make + run: make -s -j4 + - name: get cpu info + run: | + cat /proc/cpuinfo + ./util/opensslwrap.sh version -c + - name: make test + run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} + + enable_brotli_and_zstd_dynamic: + runs-on: ubuntu-latest + steps: + - name: install brotli and zstd + run: | + sudo apt-get update + sudo apt-get -yq --no-install-suggests --no-install-recommends --force-yes install brotli libbrotli1 libbrotli-dev + sudo apt-get -yq --no-install-suggests --no-install-recommends --force-yes install zstd libzstd1 libzstd-dev + - name: checkout openssl + uses: actions/checkout@v4 + - name: checkout fuzz/corpora submodule + run: git submodule update --init --depth 1 fuzz/corpora + - name: config + run: ./config enable-comp enable-brotli enable-brotli-dynamic enable-zstd enable-zstd-dynamic && perl configdata.pm --dump + - name: make + run: make -s -j4 + - name: get cpu info + run: | + cat /proc/cpuinfo + ./util/opensslwrap.sh version -c + - name: make test + run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} + + enable_brotli_and_asan_ubsan: + runs-on: ubuntu-latest + steps: + - name: install brotli + run: | + sudo apt-get update + sudo apt-get -yq --no-install-suggests --no-install-recommends --force-yes install brotli libbrotli1 libbrotli-dev + - name: checkout openssl + uses: actions/checkout@v4 + - name: checkout fuzz/corpora submodule + run: git submodule update --init --depth 1 fuzz/corpora + - name: config + run: ./config --banner=Configured --debug enable-asan enable-ubsan enable-comp enable-brotli -DPEDANTIC && perl configdata.pm --dump + - name: make + run: make -s -j4 + - name: get cpu info + run: | + cat /proc/cpuinfo + ./util/opensslwrap.sh version -c + - name: make test + run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} OPENSSL_TEST_RAND_ORDER=0 + + enable_zstd_and_asan_ubsan: + runs-on: ubuntu-latest + steps: + - name: install zstd + run: | + sudo apt-get update + sudo apt-get -yq --no-install-suggests --no-install-recommends --force-yes install zstd libzstd1 libzstd-dev + - name: checkout openssl + uses: actions/checkout@v4 + - name: checkout fuzz/corpora submodule + run: git submodule update --init --depth 1 fuzz/corpora + - name: config + run: ./config --banner=Configured --debug enable-asan enable-ubsan enable-comp enable-zstd -DPEDANTIC && perl configdata.pm --dump + - name: make + run: make -s -j4 + - name: get cpu info + run: | + cat /proc/cpuinfo + ./util/opensslwrap.sh version -c + - name: make test + run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} OPENSSL_TEST_RAND_ORDER=0 + + enable_tfo: + strategy: + matrix: + os: [ ubuntu-latest, macos-latest ] + runs-on: ${{matrix.os}} + steps: + - uses: actions/checkout@v4 + - name: checkout fuzz/corpora submodule + run: git submodule update --init --depth 1 fuzz/corpora + - name: config + run: CC=gcc ./config --banner=Configured enable-tfo --strict-warnings && perl configdata.pm --dump + - name: make + run: make -s -j4 + - name: get cpu info + run: ./util/opensslwrap.sh version -c + - name: make test + run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} + + enable_buildtest: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: checkout fuzz/corpora submodule + run: git submodule update --init --depth 1 fuzz/corpora + - name: config + run: ./config --banner=Configured no-asm no-makedepend enable-buildtest-c++ enable-fips --strict-warnings -D_DEFAULT_SOURCE && perl configdata.pm --dump + - name: make + run: make -s -j4 + - name: get cpu info + run: | + cat /proc/cpuinfo + ./util/opensslwrap.sh version -c + - name: make test + run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} diff --git a/.github/workflows/run-checker-merge.yml b/.github/workflows/run-checker-merge.yml index 461f16527d..c5958a5b99 100644 --- a/.github/workflows/run-checker-merge.yml +++ b/.github/workflows/run-checker-merge.yml @@ -22,6 +22,7 @@ jobs: no-ct, no-dso, no-dynamic-engine, + no-ec2m, no-engine no-shared, no-err, no-filenames, @@ -49,6 +50,6 @@ jobs: - name: get cpu info run: | cat /proc/cpuinfo - ./util/opensslwrap.sh version -c + if [ -x apps/openssl ] ; then ./util/opensslwrap.sh version -c ; fi - name: make test run: make test HARNESS_JOBS=${HARNESS_JOBS:-4}